json web token登录
json
适用于现代 C++ 的 JSON。
项目地址:https://gitcode.com/gh_mirrors/js/json
免费下载资源
·
1.引入jar包
2.jwt加密得到token,解密获取登录信息
package com.baosight.JWT.tool;
import java.text.ParseException;
import java.util.Map;
import net.minidev.json.JSONObject;
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.JWSObject;
import com.nimbusds.jose.JWSSigner;
import com.nimbusds.jose.Payload;
import com.nimbusds.jose.crypto.MACSigner;
import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.JWTParser;
import com.nimbusds.jwt.ReadOnlyJWTClaimsSet;
public class AuthHelper {
//可有无,随意设置的属性值
static String BAOSIGHT_SHORTNAME = "test";
//站点秘钥
static String BAOSIGHT_SECRET = "3d990d2276917dfac04467df11fff26d";
//加密,id </span><span style="font-size: 18px; font-family: Arial, Helvetica, sans-serif;">(用户在网站中的唯一标示),flag(是否记住密码一周)</span>
<span style="font-size:18px;"><span style="white-space:pre"> </span>public static String getToken(String id,String flag){
JSONObject userInfo = new JSONObject();
//网站二级域名
userInfo.put("short_name", BAOSIGHT_SHORTNAME);//必须项
//用户id(用户在网站中的唯一标示)
//这里添加一个javabean对象,会出现类型异常
userInfo.put("user_key", id);//必须项
//flag设置到期时间
userInfo.put("flag", flag);
//用户名
userInfo.put("name", "网站用户A");//可选项
Payload payload = new Payload(userInfo);
JWSHeader header = new JWSHeader(JWSAlgorithm.HS256);
header.setContentType("jwt");
// Create JWS object
JWSObject jwsObject = new JWSObject(header, payload);
// Create HMAC signer
JWSSigner signer = new MACSigner(BAOSIGHT_SECRET.getBytes());
try {
jwsObject.sign(signer);
} catch (JOSEException e) {
System.err.println("Couldn't sign JWS object: " + e.getMessage());
return "error";
}
// Serialise JWS object to compact format
String token = jwsObject.serialize();
return token;
}
public static String parseToken(String token){
try {
JWT t=JWTParser.parse(token);
//获取Claims // 包括需要传递的用户信息; { "sub": "1234567890", "name": "John Doe", "admin": true }
ReadOnlyJWTClaimsSet s=t.getJWTClaimsSet();
Map<String, Object> map=s.getAllClaims();
// userInfo userInfo=(com.baosight.JWT.bean.userInfo) map.get("user");
// System.out.println(userInfo.getId()+userInfo.getFlag());
String user_key=(String) map.get("user_key");
String flag=(String) map.get("flag");
System.out.println(flag);
return user_key;
} catch (ParseException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return null;
}
}
//测试
public static void main(String[] args) {
String token =getToken("venbill","true");
String user_key=parseToken(token);
System.out.println(user_key);
// System.out.println("id:"+u.getId()+", flag:"+u.getFlag());
}
}</span>
3.登录:doLogin
servlet:
package com.baosight.JWT.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.baosight.JWT.tool.AuthHelper;
/**
* Servlet implementation class doLogin
*/
public class doLogin extends HttpServlet {
private static final long serialVersionUID = 1L;
/**
* @see HttpServlet#HttpServlet()
*/
public doLogin() {
super();
// TODO Auto-generated constructor stub
}
/**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
*/
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
/**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
*/
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String name=request.getParameter("name");
String password=request.getParameter("password");
String getFlag=request.getParameter("autoAuth");
int durationDays=-1;
String autoAuth="flase";
if (getFlag!=null) {
durationDays=7;
autoAuth="true";
}
AuthHelper ah=new AuthHelper();
String token=ah.getToken(name, autoAuth);
System.out.println(token);</span>
<span style="font-size:18px;"><span style="white-space:pre"> </span>//存入cookie
Cookie cookie = new Cookie("JWT-Test2", token);
cookie.setPath("/");
cookie.setMaxAge(durationDays*60*60*24);
response.addCookie(cookie);
Cookie[] cookies = request.getCookies();
for(Cookie c :cookies ){
System.out.println(c.getName()+"--->"+c.getValue());
}
response.sendRedirect("/JWT-Test2/success.jsp");
}
}
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>welcome to baosight</title>
</head>
<body>
<table>
<form action="http://localhost:8888/JWT-Test2/doLogin" method="POST">
<tr><td>用户名: <input type="text" name="name" /><br></td></tr>
<tr><td>密 码: <input type="text" name="password" /><br></td>
</tr>
<tr>
<td> <input type="checkbox" name="autoAuth" value="true" />记住一周</td>
<td> <input type="submit" value="Submit" /></td></tr>
</form>
</table>
</body>
</html>
success.html
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<h1>login success</h1>
<form action="http://localhost:8888/JWT-Test2/doLogout" method="POST">
<input type="submit" value="退出" />
</form>
</body>
</html>
4.登出doLogout
servlet:
package com.baosight.JWT.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* Servlet implementation class doLogout
*/
public class doLogout extends HttpServlet {
private static final long serialVersionUID = 1L;
public doLogout() {
super();
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//删除cookie</span>
<span style="font-size:18px;"><span style="white-space:pre"> </span>Cookie[] cookies = request.getCookies();
if(cookies != null)
for(Cookie cookie : cookies) {
if(cookie.getName().equals("JWT-Test2")) {
System.out.println("cookname========="+cookie.getName());</span>
<span style="font-size:18px;"><span style="white-space:pre"> </span>//这里必须设置path,不然删除不了,必要时需要设置path和domain
cookie.setMaxAge(0);
cookie.setPath("/");
response.addCookie(cookie);
break;
}
}
request.getRequestDispatcher("/login.html").forward(request, response);
}
}
5.设置过滤器,每次访问页面拿取、判断token
filter:
package com.baosight.JWT.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.baosight.JWT.tool.AuthHelper;
/**
* Servlet Filter implementation class AuthorTokenFilter
*/
public class AuthorTokenFilter implements Filter {
/**
* Default constructor.
*/
public AuthorTokenFilter() {
// TODO Auto-generated constructor stub
}
/**
* @see Filter#destroy()
*/
public void destroy() {
// TODO Auto-generated method stub
}
/**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
String token = null;
Cookie[] cookies = request.getCookies();</span>
<span style="font-size:18px;"><span style="white-space:pre"> </span>//拿取cookie并判断
if(cookies != null)
for(Cookie cookie : cookies) {
if(cookie.getName().equals("JWT-Test2")) {
token=cookie.getValue();
break;
}
}
AuthHelper ah=new AuthHelper();
try {
String id=ah.parseToken(token);
System.out.println(id);
request.getRequestDispatcher("/success.jsp").forward(request, response);
} catch (Exception e) {
response.sendRedirect("/JWT-Test2/login.html");
}
chain.doFilter(request, response);
}
/**
* @see Filter#init(FilterConfig)
*/
public void init(FilterConfig fConfig) throws ServletException {
// TODO Auto-generated method stub
}
}
web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>JWT-Test2</display-name>
<servlet>
<description></description>
<display-name>doLoginServlet</display-name>
<servlet-name>doLoginServlet</servlet-name>
<servlet-class>com.baosight.JWT.servlet.doLogin</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>doLoginServlet</servlet-name>
<url-pattern>/doLogin</url-pattern>
</servlet-mapping>
//过滤器配置,访问所有jsp页面都经过该过滤器</span>
<span style="font-size:18px;"> <filter>
<display-name>AuthorTokenFilter</display-name>
<filter-name>AuthorTokenFilter</filter-name>
<filter-class>com.baosight.JWT.filter.AuthorTokenFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>AuthorTokenFilter</filter-name>
<url-pattern>*.jsp</url-pattern>
</filter-mapping>
<servlet>
<description></description>
<display-name>doLogout</display-name>
<servlet-name>doLogout</servlet-name>
<servlet-class>com.baosight.JWT.servlet.doLogout</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>doLogout</servlet-name>
<url-pattern>/doLogout</url-pattern>
</servlet-mapping>
</web-app>
6.网页打开:http://localhost:8888/JWT-Test2/login.html
登录登出测试
GitHub 加速计划 / js / json
41.72 K
6.61 K
下载
适用于现代 C++ 的 JSON。
最近提交(Master分支:13 天前 )
960b763e
3 个月前
8c391e04
5 个月前
更多推荐
已为社区贡献2条内容
所有评论(0)